Re: the defferences between IDS & IPS

Hello,

Basically IDS (Intrusion Detection System) is a device which can sniff (copy) traffic and analyze (compare against pre-defined signatures) it for any bad behavior or malicious traffic, this means that IDS device can’t be positioned inline in the path of traffic which results of limitation of its capability of protection (it is more Detection not Prevention/Protection).So basically, it is a passive-monitoring system which may be used in conjunction with IPS to prevent attacks.

While IPS (Intrusion Prevention System) can be deployed inline which gives it ability to block malicious / bad traffic before it reaches its destination. But you have to be carful as nowadays you might find device described as IDS which can be deployed inline like Cisco IDSM which is in fact IPS but they are using both names interchangeably.

We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...
view more